cdk-factory 0.19.9__py3-none-any.whl → 0.19.10__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- cdk_factory/stack_library/cloudfront/cloudfront_stack.py +14 -11
- cdk_factory/stack_library/ecs/ecs_service_stack.py +34 -0
- cdk_factory/version.py +1 -1
- {cdk_factory-0.19.9.dist-info → cdk_factory-0.19.10.dist-info}/METADATA +1 -1
- {cdk_factory-0.19.9.dist-info → cdk_factory-0.19.10.dist-info}/RECORD +8 -8
- {cdk_factory-0.19.9.dist-info → cdk_factory-0.19.10.dist-info}/WHEEL +0 -0
- {cdk_factory-0.19.9.dist-info → cdk_factory-0.19.10.dist-info}/entry_points.txt +0 -0
- {cdk_factory-0.19.9.dist-info → cdk_factory-0.19.10.dist-info}/licenses/LICENSE +0 -0
|
@@ -145,7 +145,7 @@ class CloudFrontStack(IStack):
|
|
|
145
145
|
return
|
|
146
146
|
|
|
147
147
|
# Check if certificate ARN is provided
|
|
148
|
-
cert_arn = cert_config.get("arn")
|
|
148
|
+
cert_arn = self.resolve_ssm_value(self, cert_config.get("arn"), "CertificateARN")
|
|
149
149
|
if cert_arn:
|
|
150
150
|
self.certificate = acm.Certificate.from_certificate_arn(
|
|
151
151
|
self, "Certificate", certificate_arn=cert_arn
|
|
@@ -173,14 +173,14 @@ class CloudFrontStack(IStack):
|
|
|
173
173
|
"CloudFront certificates must be created in us-east-1"
|
|
174
174
|
)
|
|
175
175
|
return
|
|
176
|
-
|
|
176
|
+
|
|
177
177
|
# Create the certificate
|
|
178
178
|
# Get hosted zone from SSM imports
|
|
179
179
|
hosted_zone_id = cert_config.get("hosted_zone_id")
|
|
180
180
|
hosted_zone = route53.HostedZone.from_hosted_zone_id(
|
|
181
181
|
self, "HostedZone", hosted_zone_id
|
|
182
182
|
)
|
|
183
|
-
|
|
183
|
+
|
|
184
184
|
self.certificate = acm.Certificate(
|
|
185
185
|
self,
|
|
186
186
|
"Certificate",
|
|
@@ -223,7 +223,9 @@ class CloudFrontStack(IStack):
|
|
|
223
223
|
|
|
224
224
|
def _create_custom_origin(self, config: Dict[str, Any]) -> cloudfront.IOrigin:
|
|
225
225
|
"""Create custom origin (ALB, API Gateway, etc.)"""
|
|
226
|
-
domain_name = self.resolve_ssm_value(
|
|
226
|
+
domain_name = self.resolve_ssm_value(
|
|
227
|
+
self, config.get("domain_name"), config.get("domain_name")
|
|
228
|
+
)
|
|
227
229
|
origin_id = config.get("id")
|
|
228
230
|
|
|
229
231
|
if not domain_name:
|
|
@@ -297,21 +299,22 @@ class CloudFrontStack(IStack):
|
|
|
297
299
|
|
|
298
300
|
def _create_s3_origin(self, config: Dict[str, Any]) -> cloudfront.IOrigin:
|
|
299
301
|
"""Create S3 origin"""
|
|
300
|
-
bucket_name = self.resolve_ssm_value(
|
|
301
|
-
|
|
302
|
+
bucket_name = self.resolve_ssm_value(
|
|
303
|
+
self, config.get("bucket_name"), config.get("bucket_name")
|
|
304
|
+
)
|
|
302
305
|
|
|
303
306
|
origin_path = config.get("origin_path", "")
|
|
304
|
-
|
|
307
|
+
|
|
305
308
|
if not bucket_name:
|
|
306
309
|
raise ValueError("S3 origin requires 'bucket_name' configuration")
|
|
307
|
-
|
|
310
|
+
|
|
308
311
|
# For S3 origins, we need to import the bucket by name
|
|
309
312
|
bucket = s3.Bucket.from_bucket_name(
|
|
310
313
|
self,
|
|
311
314
|
id=f"S3OriginBucket-{config.get('id', 'unknown')}",
|
|
312
|
-
bucket_name=bucket_name
|
|
315
|
+
bucket_name=bucket_name,
|
|
313
316
|
)
|
|
314
|
-
|
|
317
|
+
|
|
315
318
|
# Create S3 origin with OAC (Origin Access Control) for security
|
|
316
319
|
origin = origins.S3BucketOrigin.with_origin_access_control(
|
|
317
320
|
bucket,
|
|
@@ -321,7 +324,7 @@ class CloudFrontStack(IStack):
|
|
|
321
324
|
cloudfront.AccessLevel.LIST,
|
|
322
325
|
],
|
|
323
326
|
)
|
|
324
|
-
|
|
327
|
+
|
|
325
328
|
return origin
|
|
326
329
|
|
|
327
330
|
def _create_distribution(self) -> None:
|
|
@@ -226,6 +226,9 @@ class EcsServiceStack(IStack, VPCProviderMixin, StandardizedSsmMixin):
|
|
|
226
226
|
"CloudWatchAgentServerPolicy"
|
|
227
227
|
)
|
|
228
228
|
)
|
|
229
|
+
|
|
230
|
+
# add any custom policies
|
|
231
|
+
self._add_custom_task_policies(task_role)
|
|
229
232
|
|
|
230
233
|
# Create task definition based on launch type
|
|
231
234
|
if self.ecs_config.launch_type == "EC2":
|
|
@@ -257,6 +260,37 @@ class EcsServiceStack(IStack, VPCProviderMixin, StandardizedSsmMixin):
|
|
|
257
260
|
# Add containers
|
|
258
261
|
self._add_containers_to_task()
|
|
259
262
|
|
|
263
|
+
def _add_custom_task_policies(self, task_role: iam.Role) -> None:
|
|
264
|
+
"""
|
|
265
|
+
Add custom task policies to the task definition.
|
|
266
|
+
"""
|
|
267
|
+
for policy in self.ecs_config.task_definition.get("policies", []):
|
|
268
|
+
|
|
269
|
+
effect = policy.get("effect", "Allow")
|
|
270
|
+
action = policy.get("action", None)
|
|
271
|
+
actions = policy.get("actions", [])
|
|
272
|
+
if action:
|
|
273
|
+
actions.append(action)
|
|
274
|
+
resources = policy.get("resources", [])
|
|
275
|
+
resource = policy.get("resource", None)
|
|
276
|
+
if resource:
|
|
277
|
+
resources.append(resource)
|
|
278
|
+
|
|
279
|
+
if effect == "Allow" and actions:
|
|
280
|
+
effect = iam.Effect.ALLOW
|
|
281
|
+
if effect == "Deny" and actions:
|
|
282
|
+
effect = iam.Effect.DENY
|
|
283
|
+
|
|
284
|
+
sid = policy.get("sid", None)
|
|
285
|
+
task_role.add_to_policy(
|
|
286
|
+
iam.PolicyStatement(
|
|
287
|
+
effect=effect,
|
|
288
|
+
actions=actions,
|
|
289
|
+
resources=resources,
|
|
290
|
+
sid=sid,
|
|
291
|
+
)
|
|
292
|
+
)
|
|
293
|
+
|
|
260
294
|
def _add_volumes_to_task(self) -> None:
|
|
261
295
|
"""
|
|
262
296
|
Add volumes to the task definition.
|
cdk_factory/version.py
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
__version__ = "0.19.
|
|
1
|
+
__version__ = "0.19.10"
|
|
@@ -2,7 +2,7 @@ cdk_factory/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
|
2
2
|
cdk_factory/app.py,sha256=RnX0-pwdTAPAdKJK_j13Zl8anf9zYKBwboR0KA8K8xM,10346
|
|
3
3
|
cdk_factory/cdk.json,sha256=SKZKhJ2PBpFH78j-F8S3VDYW-lf76--Q2I3ON-ZIQfw,3106
|
|
4
4
|
cdk_factory/cli.py,sha256=FGbCTS5dYCNsfp-etshzvFlGDCjC28r6rtzYbe7KoHI,6407
|
|
5
|
-
cdk_factory/version.py,sha256=
|
|
5
|
+
cdk_factory/version.py,sha256=gIAvq9SB6YStPs9R4fOTA5ElNAzsxGid7xxii31j-fI,24
|
|
6
6
|
cdk_factory/builds/README.md,sha256=9BBWd7bXpyKdMU_g2UljhQwrC9i5O_Tvkb6oPvndoZk,90
|
|
7
7
|
cdk_factory/commands/command_loader.py,sha256=QbLquuP_AdxtlxlDy-2IWCQ6D-7qa58aphnDPtp_uTs,3744
|
|
8
8
|
cdk_factory/configurations/base_config.py,sha256=eJ3Pl3GWk1jVr_bYQaaWlw4_-ZiFGaiXllI_fOOX1i0,9323
|
|
@@ -91,7 +91,7 @@ cdk_factory/stack_library/aws_lambdas/lambda_stack.py,sha256=SFbBPvvCopbyiuYtq-O
|
|
|
91
91
|
cdk_factory/stack_library/buckets/README.md,sha256=XkK3UNVtRLE7NtUvbhCOBBYUYi8hlrrSaI1s3GJVrqI,78
|
|
92
92
|
cdk_factory/stack_library/buckets/bucket_stack.py,sha256=SLoZqSffAqmeBBEVUQg54D_8Ad5UKdkjEAmKAVgAqQo,1778
|
|
93
93
|
cdk_factory/stack_library/cloudfront/__init__.py,sha256=Zfx50q4xIJ4ZEoVIzUBDTKbRE9DKDM6iyVIFhtQXvww,153
|
|
94
|
-
cdk_factory/stack_library/cloudfront/cloudfront_stack.py,sha256=
|
|
94
|
+
cdk_factory/stack_library/cloudfront/cloudfront_stack.py,sha256=7cYPqoQyiXH6r3j9jp9oLXv1ZDixeCYPAXJtTOmagPc,32309
|
|
95
95
|
cdk_factory/stack_library/code_artifact/code_artifact_stack.py,sha256=o86cmC_ZV82z-K7DoAR0u1nAieoTi-vxRF01tyJn-9M,5297
|
|
96
96
|
cdk_factory/stack_library/cognito/cognito_stack.py,sha256=3tjKCNcIwXZn7fd4EDQdY6H9m6CnZohI4uTQ4TpacRQ,25327
|
|
97
97
|
cdk_factory/stack_library/dynamodb/dynamodb_stack.py,sha256=-_Ij1zXIxUuZIWgdevam_1vD3LEJ6pFs9U0hmw0KwIw,6743
|
|
@@ -99,7 +99,7 @@ cdk_factory/stack_library/ecr/README.md,sha256=xw2wPx9WN03Y4BBwqvbi9lAFGNyaD1FUN
|
|
|
99
99
|
cdk_factory/stack_library/ecr/ecr_stack.py,sha256=KLbd5WN5-ZiojsS5wJ4PX-tIL0cCylCSvXjO6sVrgWY,2102
|
|
100
100
|
cdk_factory/stack_library/ecs/__init__.py,sha256=o5vGDtD_h-gVXb3-Ysr8xUNpEcMsnmMVgZv2Pupcdow,219
|
|
101
101
|
cdk_factory/stack_library/ecs/ecs_cluster_stack.py,sha256=sAPTLU5CAwMoLTW_pNy_cd0OtVkfDR7IxxsSq5AE0yo,12091
|
|
102
|
-
cdk_factory/stack_library/ecs/ecs_service_stack.py,sha256=
|
|
102
|
+
cdk_factory/stack_library/ecs/ecs_service_stack.py,sha256=KB4YCIsMm5JIGM9Bm-bKcr3eX5xXFgnoA7jST_ekK44,28209
|
|
103
103
|
cdk_factory/stack_library/lambda_edge/__init__.py,sha256=ByBJ_CWdc4UtTmFBZH-6pzBMNkjkdtE65AmnB0Fs6lM,156
|
|
104
104
|
cdk_factory/stack_library/lambda_edge/lambda_edge_stack.py,sha256=7owFVRijjtyAAgwRWfVophJlwi9ATDon9ekkJdSQTNw,17050
|
|
105
105
|
cdk_factory/stack_library/load_balancer/__init__.py,sha256=wZpKw2OecLJGdF5mPayCYAEhu2H3c2gJFFIxwXftGDU,52
|
|
@@ -136,8 +136,8 @@ cdk_factory/utilities/os_execute.py,sha256=5Op0LY_8Y-pUm04y1k8MTpNrmQvcLmQHPQITE
|
|
|
136
136
|
cdk_factory/utils/api_gateway_utilities.py,sha256=If7Xu5s_UxmuV-kL3JkXxPLBdSVUKoLtohm0IUFoiV8,4378
|
|
137
137
|
cdk_factory/validation/config_validator.py,sha256=Pb0TkLiPFzUplBOgMorhRCVm08vEzZhRU5xXCDTa5CA,17602
|
|
138
138
|
cdk_factory/workload/workload_factory.py,sha256=yDI3cRhVI5ELNDcJPLpk9UY54Uind1xQoV3spzT4z7E,6068
|
|
139
|
-
cdk_factory-0.19.
|
|
140
|
-
cdk_factory-0.19.
|
|
141
|
-
cdk_factory-0.19.
|
|
142
|
-
cdk_factory-0.19.
|
|
143
|
-
cdk_factory-0.19.
|
|
139
|
+
cdk_factory-0.19.10.dist-info/METADATA,sha256=DBpgjyIwcNUX78kwx-jdTlkL9okzQz57iaG23jbF6jU,2452
|
|
140
|
+
cdk_factory-0.19.10.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
|
|
141
|
+
cdk_factory-0.19.10.dist-info/entry_points.txt,sha256=S1DPe0ORcdiwEALMN_WIo3UQrW_g4YdQCLEsc_b0Swg,53
|
|
142
|
+
cdk_factory-0.19.10.dist-info/licenses/LICENSE,sha256=NOtdOeLwg2il_XBJdXUPFPX8JlV4dqTdDGAd2-khxT8,1066
|
|
143
|
+
cdk_factory-0.19.10.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|
|
File without changes
|